Packets which are not replies to an already existing incoming connection
would be treated by a default NAT rule to look like they came from the
IP address of the firewall and would be routed over the default route.
Mark
On Wed, 2002-01-16 at 15:37, Nick Murtagh wrote:
> On Wednesday 16 January 2002 15:28, Mark Kilmartin wrote:
> > I believe what is needed is something like below.
> >
> > NOTE this is totally untested.
> >
> > On the firewall issue something like the following.
> >
> > echo 200 Xinterface >> /etc/iproute2/rt_tables
> > ip rule add from 'X' table Xinterface
> >
> > ip route add default via <The next router on interface X> dev <the
> > physical interface> table Xinterface
> >
> > ip route flush cache
>
> Are you referring to packets going out to the internet? In that case,
> how would a packet going out from your LAN have a source address (`from'
> address) of X?
>
> --
> Irish Linux Users' Group: ilug at linux.ie
> http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
> List maintainer: listmaster at linux.ie